From c84875c1267274938f2e68535e95e816916d97b5 Mon Sep 17 00:00:00 2001
From: Sattvik Chakravarthy
Date: Thu, 10 Oct 2024 13:14:22 +0530
Subject: [PATCH 1/6] fix: client secret and refresh token mapping
---
 .../pluginInterface/oauth/OAuthClient.java | 15 +++++++++++++++
 .../pluginInterface/oauth/OAuthStorage.java | 14 ++++++++++----
 2 files changed, 25 insertions(+), 4 deletions(-)
 create mode 100644 src/main/java/io/supertokens/pluginInterface/oauth/OAuthClient.java
diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthClient.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthClient.java
new file mode 100644
index 00000000..9f3b57db
--- /dev/null
+++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthClient.java
@@ -0,0 +1,15 @@
+package io.supertokens.pluginInterface.oauth;
+
+public class OAuthClient {
+ public final String clientId;
+ public final String clientSecret;
+ public final boolean isClientCredentialsOnly;
+ public final boolean enableRefreshTokenRotation;
+
+ public OAuthClient(String clientId, String clientSecret, boolean isClientCredentialsOnly, boolean enableRefreshTokenRotation) {
+ this.clientId = clientId;
+ this.clientSecret = clientSecret;
+ this.isClientCredentialsOnly = isClientCredentialsOnly;
+ this.enableRefreshTokenRotation = enableRefreshTokenRotation;
+ }
+}
diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java
index e0e5916a..f9fb1736 100644
--- a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java
+++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java
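Review bot: The new `OAuthClient` class in OAuthClient.java exposes `clientSecret` as a public field with no Javadoc saying whether it holds the plaintext secret or the encrypted form that is persisted, so core code and storage plugins cannot tell what they are handling. I would add a class-level comment that states which form the field carries, whether it may be null, and that instances must not be logged or returned in API responses. Because the fields are public, any reflection-based JSON serializer or debug dump of this object would include the secret. The constructor also accepts a null `clientId`; `this.clientId = Objects.requireNonNull(clientId, "clientId");` would surface a bad row at construction time.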
@@ -27,14 +27,14 @@ public interface OAuthStorage extends NonAuthRecipeStorage { - public boolean doesOAuthClientIdExist(AppIdentifier appIdentifier, String clientId) throws - StorageQueryException; + public OAuthClient getOAuthClientById(AppIdentifier appIdentifier, String clientId) throws + OAuthClientNotFoundException, StorageQueryException; - public void addOrUpdateOauthClient(AppIdentifier appIdentifier, String clientId, boolean isClientCredentialsOnly) throws TenantOrAppNotFoundException, StorageQueryException; + public void addOrUpdateOauthClient(AppIdentifier appIdentifier, String clientId, String clientSecret, boolean isClientCredentialsOnly, boolean enableRefreshTokenRotation) throws TenantOrAppNotFoundException, StorageQueryException; public boolean deleteOAuthClient(AppIdentifier appIdentifier, String clientId) throws StorageQueryException; - public List listOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; + public List getOAuthClients(AppIdentifier appIdentifier, List clientIds) throws StorageQueryException; public void revokeOAuthTokensBasedOnTargetFields(AppIdentifier appIdentifier, OAuthRevokeTargetType targetType, String targetValue, long exp) throws TenantOrAppNotFoundException, StorageQueryException; 
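Review bot: `getOAuthClients(appIdentifier, clientIds)` does not say what happens to ids that have no row, while the single lookup `getOAuthClientById` throws `OAuthClientNotFoundException`; storage plugins will diverge unless the contract is written down. A one-line Javadoc such as `/** Returns the clients that exist among clientIds; unknown ids are skipped. */` (or the opposite, if that is the intent) would settle it. Both lookups now return `OAuthClient` objects that carry `clientSecret`, and `addOrUpdateOauthClient` takes the secret as a plain `String`, so the interface should also state whether plugins receive it already encrypted or are expected to protect it themselves. The interface body continues outside this hunk.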
@@ -53,6 +53,12 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public void deleteOAuthLogoutChallengesBefore(long time) throws StorageQueryException; + public void createOrUpdateRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken, String oauthProviderRefreshToken, long exp) throws StorageQueryException; + + public String getRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken) throws StorageQueryException; + + public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken) throws StorageQueryException; + public int countTotalNumberOfOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; public int countTotalNumberOfClientCredentialsOnlyOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; From 8c39b904d7dd7e4763965da9057779c9a3283a14 Mon Sep 17 00:00:00 2001 From: Sattvik Chakravarthy Date: Mon, 14 Oct 2024 11:13:09 +0530 Subject: [PATCH 2/6] fix: cron related --- .../io/supertokens/pluginInterface/oauth/OAuthStorage.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java index f9fb1736..69794822 100644 --- a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java +++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java 
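Review bot: `getRefreshTokenMapping` returns a bare `String` and declares only `StorageQueryException`, so its result for an unknown or expired `superTokensRefreshToken` is undefined; document that it returns `null` in that case (or declare a not-found exception) so callers do not pass a null token on. `createOrUpdateRefreshTokenMapping` and the lookup both take the raw refresh tokens, and nothing here tells a plugin whether the two values reach it already hashed or encrypted; if they do not, anyone with read access to the table holds usable refresh tokens, which is worth one sentence of Javadoc either way. The unit of `exp` (seconds or milliseconds) is also unstated.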
@@ -40,9 +40,11 @@ public OAuthClient getOAuthClientById(AppIdentifier appIdentifier, String client public boolean isOAuthTokenRevokedBasedOnTargetFields(AppIdentifier appIdentifier, OAuthRevokeTargetType[] targetTypes, String[] targetValues, long issuedAt) throws StorageQueryException; + public void deleteExpiredRevokedOAuthTokens(long exp) throws StorageQueryException; + public void addOAuthM2MTokenForStats(AppIdentifier appIdentifier, String clientId, long iat, long exp) throws OAuthClientNotFoundException, StorageQueryException; - public void cleanUpExpiredAndRevokedOAuthTokensList() throws StorageQueryException; + public void deleteExpiredOAuthM2MTokens(long exp) throws StorageQueryException; public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challenge, String clientId, String postLogoutRedirectionUri, String sessionHandle, String state, long timeCreated) throws DuplicateOAuthLogoutChallengeException, OAuthClientNotFoundException, StorageQueryException; @@ -59,6 +61,8 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken) throws StorageQueryException; + public void deleteExpiredRefreshTokenMappings(long exp) throws StorageQueryException; + public int countTotalNumberOfOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; public int countTotalNumberOfClientCredentialsOnlyOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; From 64ef8e1328216f1f7986280bf3b7af69d1260ddf Mon Sep 17 00:00:00 2001 From: tamassoltesz Date: Mon, 21 Oct 2024 22:56:54 +0200 Subject: [PATCH 3/6] fix: rename st and oauth refresh tokents to external and internal --- .../io/supertokens/pluginInterface/oauth/OAuthStorage.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
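Review bot: The `long exp` argument of `deleteExpiredRevokedOAuthTokens` and `deleteExpiredOAuthM2MTokens` is a cutoff rather than an expiry, and neither its unit nor its boundary (`<` or `<=`) is documented; the existing `deleteOAuthLogoutChallengesBefore(long time)` names the same idea differently. For the revocation records this matters: an implementation or cron caller that mixes seconds and milliseconds could purge them early, and a token that was revoked would then pass the revocation check until its own expiry. I would add `/** Deletes revocation records whose exp is strictly before the given cutoff, in the same unit as the stored exp. */` and rename the parameter to something like `expiredBefore`. The same applies to `deleteExpiredRefreshTokenMappings(long exp)` in the second hunk of this patch and to `deleteExpiredOAuthSessions(long exp)` in patch 4/6.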
diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java index 69794822..7cbcafdf 100644 --- a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java +++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java @@ -55,11 +55,11 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public void deleteOAuthLogoutChallengesBefore(long time) throws StorageQueryException; - public void createOrUpdateRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken, String oauthProviderRefreshToken, long exp) throws StorageQueryException; + public void createOrUpdateRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken, String internalRefreshToken, long exp) throws StorageQueryException; - public String getRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken) throws StorageQueryException; + public String getRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; - public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String superTokensRefreshToken) throws StorageQueryException; + public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; public void deleteExpiredRefreshTokenMappings(long exp) throws StorageQueryException; From 082c446105ba2cd35dc6a41346e3ca4e5b5a63d0 Mon Sep 17 00:00:00 2001 From: tamassoltesz Date: Wed, 23 Oct 2024 00:58:57 +0200 Subject: [PATCH 4/6] feat: allow listing instead of revoke listing in oauth2 --- .../pluginInterface/oauth/OAuthStorage.java | 27 +++++++++++++------ 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java index 7cbcafdf..30d4e2fb 100644 
--- a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java +++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java @@ -36,12 +36,6 @@ public OAuthClient getOAuthClientById(AppIdentifier appIdentifier, String client public List getOAuthClients(AppIdentifier appIdentifier, List clientIds) throws StorageQueryException; - public void revokeOAuthTokensBasedOnTargetFields(AppIdentifier appIdentifier, OAuthRevokeTargetType targetType, String targetValue, long exp) throws TenantOrAppNotFoundException, StorageQueryException; - - public boolean isOAuthTokenRevokedBasedOnTargetFields(AppIdentifier appIdentifier, OAuthRevokeTargetType[] targetTypes, String[] targetValues, long issuedAt) throws StorageQueryException; - - public void deleteExpiredRevokedOAuthTokens(long exp) throws StorageQueryException; - public void addOAuthM2MTokenForStats(AppIdentifier appIdentifier, String clientId, long iat, long exp) throws OAuthClientNotFoundException, StorageQueryException; public void deleteExpiredOAuthM2MTokens(long exp) throws StorageQueryException; 
@@ -55,13 +49,13 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public void deleteOAuthLogoutChallengesBefore(long time) throws StorageQueryException; - public void createOrUpdateRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken, String internalRefreshToken, long exp) throws StorageQueryException; + public void createOrUpdateOAuthSession(AppIdentifier appIdentifier, String gid, String clientId, String externalRefreshToken, String internalRefreshToken, String sessionHandle, List jtis, long exp) throws StorageQueryException; public String getRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; - public void deleteExpiredRefreshTokenMappings(long exp) throws StorageQueryException; + public void deleteExpiredOAuthSessions(long exp) throws StorageQueryException; public int countTotalNumberOfOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; 
@@ -70,4 +64,21 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public int countTotalNumberOfOAuthM2MTokensCreatedSince(AppIdentifier appIdentifier, long since) throws StorageQueryException; public int countTotalNumberOfOAuthM2MTokensAlive(AppIdentifier appIdentifier) throws StorageQueryException; + + public boolean revokeOAuthTokenByGID( AppIdentifier appIdentifier, String gid) throws StorageQueryException; + + public boolean revokeOAuthTokenByClientId(AppIdentifier appIdentifier, String clientId) throws StorageQueryException; + + public boolean revokeOAuthTokenBySessionHandle(AppIdentifier appIdentifier, String sessionHandle) throws StorageQueryException; + + public boolean revokeOAuthTokenByJTI(AppIdentifier appIdentifier, String gid, String jti) throws StorageQueryException; + + public boolean isOAuthTokenRevokedByGID(AppIdentifier appIdentifier, String gid) throws StorageQueryException; + + public boolean isOAuthTokenRevokedByClientId(AppIdentifier appIdentifier, String clientId) throws StorageQueryException; + + public boolean isOAuthTokenRevokedBySessionHandle(AppIdentifier appIdentifier, String sessionHandle) throws StorageQueryException; + + public boolean isOAuthTokenRevokedByJTI(AppIdentifier appIdentifier, String gid, String jti) throws StorageQueryException; } + From f77d78911b3de921f0bbee92209424e4f782af7c Mon Sep 17 00:00:00 2001 From: Mihaly Lengyel Date: Sat, 26 Oct 2024 02:13:54 +0200 Subject: [PATCH 5/6] feat: remove unused functions and add new exception --- .../supertokens/pluginInterface/oauth/OAuthStorage.java | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java index 30d4e2fb..e3338ba5 100644 --- a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java +++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java 
@@ -49,12 +49,10 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public void deleteOAuthLogoutChallengesBefore(long time) throws StorageQueryException; - public void createOrUpdateOAuthSession(AppIdentifier appIdentifier, String gid, String clientId, String externalRefreshToken, String internalRefreshToken, String sessionHandle, List jtis, long exp) throws StorageQueryException; + public void createOrUpdateOAuthSession(AppIdentifier appIdentifier, String gid, String clientId, String externalRefreshToken, String internalRefreshToken, String sessionHandle, List jtis, long exp) throws StorageQueryException, OAuthClientNotFoundException; public String getRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; - public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; - public void deleteExpiredOAuthSessions(long exp) throws StorageQueryException; public int countTotalNumberOfOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; @@ -75,10 +73,6 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public boolean isOAuthTokenRevokedByGID(AppIdentifier appIdentifier, String gid) throws StorageQueryException; - public boolean isOAuthTokenRevokedByClientId(AppIdentifier appIdentifier, String clientId) throws StorageQueryException; - - public boolean isOAuthTokenRevokedBySessionHandle(AppIdentifier appIdentifier, String sessionHandle) throws StorageQueryException; - public boolean isOAuthTokenRevokedByJTI(AppIdentifier appIdentifier, String gid, String jti) throws StorageQueryException; } From cea5b30162cd9bef914e968245a7615a5d908778 Mon Sep 17 00:00:00 2001 From: tamassoltesz Date: Sat, 26 Oct 2024 21:50:42 +0200 Subject: [PATCH 6/6] fix: refactor, review fixes --- .../pluginInterface/oauth/OAuthStorage.java | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) 
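Review bot: `deleteRefreshTokenMapping` is removed in the first hunk while `getRefreshTokenMapping` stays, so nothing visible in this interface removes a single external-to-internal mapping any more. Please document on `getRefreshTokenMapping` whether it still resolves a token whose session was revoked through `revokeOAuthTokenBy*`, or whose `exp` has passed but has not yet been swept by `deleteExpiredOAuthSessions`; a plugin that keeps returning such rows could let a revoked refresh token continue to be exchanged. The new throws clause on `createOrUpdateOAuthSession` is ordered `StorageQueryException, OAuthClientNotFoundException`, the reverse of `getOAuthClientById` and `addOAuthM2MTokenForStats`. Patch 6/6 repeats this first hunk against the same base blob `30d4e2fb`, so the note applies there as well.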
diff --git a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java index 30d4e2fb..5163e6e7 100644 --- a/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java +++ b/src/main/java/io/supertokens/pluginInterface/oauth/OAuthStorage.java @@ -49,12 +49,10 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public void deleteOAuthLogoutChallengesBefore(long time) throws StorageQueryException; - public void createOrUpdateOAuthSession(AppIdentifier appIdentifier, String gid, String clientId, String externalRefreshToken, String internalRefreshToken, String sessionHandle, List jtis, long exp) throws StorageQueryException; + public void createOrUpdateOAuthSession(AppIdentifier appIdentifier, String gid, String clientId, String externalRefreshToken, String internalRefreshToken, String sessionHandle, List jtis, long exp) throws StorageQueryException, OAuthClientNotFoundException; public String getRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; - public void deleteRefreshTokenMapping(AppIdentifier appIdentifier, String externalRefreshToken) throws StorageQueryException; - public void deleteExpiredOAuthSessions(long exp) throws StorageQueryException; public int countTotalNumberOfOAuthClients(AppIdentifier appIdentifier) throws StorageQueryException; 
@@ -73,12 +71,8 @@ public void addOAuthLogoutChallenge(AppIdentifier appIdentifier, String challeng public boolean revokeOAuthTokenByJTI(AppIdentifier appIdentifier, String gid, String jti) throws StorageQueryException; - public boolean isOAuthTokenRevokedByGID(AppIdentifier appIdentifier, String gid) throws StorageQueryException; - - public boolean isOAuthTokenRevokedByClientId(AppIdentifier appIdentifier, String clientId) throws StorageQueryException; - - public boolean isOAuthTokenRevokedBySessionHandle(AppIdentifier appIdentifier, String sessionHandle) throws StorageQueryException; - public boolean isOAuthTokenRevokedByJTI(AppIdentifier appIdentifier, String gid, String jti) throws StorageQueryException; + + public boolean isOAuthTokenRevokedByGID(AppIdentifier appIdentifier, String gid) throws StorageQueryException; }